ToxicMushroom/mare.server
1
0
Fork 0
mirror of https://github.com/Caraxi/mare.server.git synced 2025-12-12 18:47:23 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

add whitelisted ips to secret key auth handler

Browse source
This commit is contained in:
Stanley Dimant 2022-10-02 16:57:31 +02:00
parent 8236d355a2
commit d866223069
1 changed files with 12 additions and 6 deletions
Download patch file Download diff file Expand all files Collapse all files

18
MareSynchronosServer/MareSynchronosServices/Authentication/SecretKeyAuthenticationHandler.cs
View file

@ -25,6 +25,7 @@ public class SecretKeyAuthenticationHandler
private readonly object failedAuthLock = new();
private readonly int _failedAttemptsForTempBan;
private readonly int _tempBanMinutes;
private List<string> _whitelistedIps = new();
public void ClearUnauthorizedUsers()
{
@ -136,14 +137,18 @@ public class SecretKeyAuthenticationHandler
logger.LogWarning("Failed authorization from {ip}", ip);
lock (failedAuthLock)
{
if (failedAuthorizations.TryGetValue(ip, out var auth))
if (!_whitelistedIps.Any(w => ip.Contains(w)))
{
auth.IncreaseFailedAttempts();
}
else
{
failedAuthorizations[ip] = new FailedAuthorization();
if (failedAuthorizations.TryGetValue(ip, out var auth))
{
auth.IncreaseFailedAttempts();
}
else
{
failedAuthorizations[ip] = new FailedAuthorization();
}
}
}
metrics.IncCounter(MetricsAPI.CounterAuthenticationFailures);
@ -168,5 +173,6 @@ public class SecretKeyAuthenticationHandler
var config = configuration.GetRequiredSection("MareSynchronos");
_failedAttemptsForTempBan = config.GetValue<int>("FailedAuthForTempBan", 5);
_tempBanMinutes = config.GetValue<int>("TempBanDurationInMinutes", 30);
_whitelistedIps = config.GetValue<List<string>>("WhitelistedIps", new List<string>());
}
}